使用kafka通过elasticsearch在kibana中提供时间戳字段
在通过Kafka elasticsearch连接器添加数据时,如何允许kibana将我的时间戳字段用作@timestamp 我是这样定义我的avro模式的使用kafka通过elasticsearch在kibana中提供时间戳字段,kibana,avro,apache-kafka-connect,kafka-producer-api,Kibana,Avro,Apache Kafka Connect,Kafka Producer Api,在通过Kafka elasticsearch连接器添加数据时,如何允许kibana将我的时间戳字段用作@timestamp 我是这样定义我的avro模式的 public static String userSchema = "{\"type\":\"record\"," + "\"name\":\"myrecord\"," +
public static String userSchema = "{\"type\":\"record\"," +
"\"name\":\"myrecord\"," +
"\"fields\":[" +
"{\"name\":\"wSrcTime\",\"type\":[\"string\", \"null\"],\"default\":\"null\"}," +
"{\"name\":\"wTradePrice\",\"type\":[\"null\",\"float\"],\"default\":null}," +
"{\"name\":\"timestamp\",\"type\":{\"type\":\"long\",\"logicalType\":\"timestamp-millis\"}}" +
"]}";
avroRecord.put("timestamp", System.currentTimeMillis());
{"wSrcTime":{"string":"2019-08-01 15:20:40.127"},"wTradePrice":null,"timestamp":1564672840137}
{"wSrcTime":{"string":"2019-08-01 15:20:41.062"},"wTradePrice":null,"timestamp":1564672841072}
{"wSrcTime":{"string":"2019-08-01 15:20:41.062"},"wTradePrice":null,"timestamp":1564672841073}
{"wSrcTime":{"string":"2019-08-01 15:20:41.064"},"wTradePrice":null,"timestamp":1564672841075}
{"wSrcTime":{"string":"2019-08-01 15:20:41.065"},"wTradePrice":null,"timestamp":1564672841076}
{"wSrcTime":{"string":"2019-08-01 15:20:41.410"},"wTradePrice":null,"timestamp":1564672841420}
timestamp: number
wTradePrice: number
wSrcTime: string
谢谢您可以在elasticsearch上创建一个摄取管道,以便在索引文档之前将时间戳字段重命名为@timestamp 在弹性体上创建管道:
PUT _ingest/pipeline/rename_timestamp
{
"rename": {
"field": "timestamp",
"target_field": "@timestamp"
}
}
PUT /es-index/_doc?pipeline=rename_timestamp
{
"timestamp": "value"
...
}